Why the fuss about WinRT on ARM and alternative browsers?

And, toasters get all kinds of food the toaster maker never dreamed of. They don't get to control what Kellogg's decides to put into Pop Tarts.

But The toaster maker does enforce the requirement that Kellogg's makes Pop Tarts in the general shape and size of toast. Not in any other form factor.

Sorry, don't really have an ax to grind in this argument, but if you're going to perpetuate a weak analogy, you have to take it all the way.

You're misrepresenting his position. The toaster maker doesn't enforce the general shape or size of toast. That limitation is a physical constraint of the device, like how a phone without GPS or a front facing camera has physical limitations which limit its utility to a degree. On the contrary, limitations pertaining to sideloading are an artificial restriction imposed by the OS vendor. Not a physical constraint of the device.

the_stig_1 wrote:

This is a question of platform choice and the consequences of that choice. Apple is under no obligation to open up their platform to sideloading simply because you have ideological objections to their locked down platform. The presence of Android provides you, the user, an alternative platform that better suits your needs.

No, that's not what this discussion is about. Nobody disputes the existence of alternative platforms with different policies. What's in dispute is whether or not Apple and MS should be legally allowed to restrict sideloading. As such, continuing to say "go use Android!" is a total non sequitur because it does not address the issue in dispute.

the_stig_1 wrote:

You don't get to dictate what Apple does with their platform, save for voting with your wallet.

No, but I do get to talk on a public forum about whether or not their choices are morally sound in the hopes of building a consensus that Apple and MS should be compelled by the courts or legislature to permit sideloading.

the_stig_1 wrote:

the locked down nature of the iOS platform affords users security, ease-of-use and stability while still allowing them to use the device for the job they wanted to accomplish.

Except when the job the user wants to accomplish is not permitted by Apple and MS, such as run a banned app.

adminfoo wrote:

And because it is simple ideology, everyone debating it can simply wave off the arguments and opinions held by others. Argument-by-analogy will fail too, because folks with differing views will simply claim that analogies demonstrating different ideologies are incomplete or inappropriate or whatever.

Analogies are not subjective. They have to be representative to be valid. It's okay for you to disagree with me that sideloading is morally wrong, as that is subjective. But it is not valid for you to say that our disagreement over sideloading permits either side of the debate to make bad analogies.

PaoloM wrote:

So... I want to play my Xbox version of Halo on a Galaxy S2. Why are Samsung and Google curtailing my freedom?

Nobody here is asking for that. MS has the freedom to port Halo to the Galaxy S2. Google and Samsung do not restrict that. Likewise, we want Apple and MS to lift restrictions which prevent Mozilla from offering Firefox on iOS and WinRT.

Metasyntactic wrote:

Kethinov wrote:

Since such incidents are not a problem with Android, that argument seems moot.

Yeah. That's a great way to handle security, just assume that things won't be a problem in the future.

Ah I see. The old absence of evidence is not evidence of absence thing... Yeah okay. While you're waiting for some mass uprising of malware caused by Android users sideloading apps, I'm going to go on thinking that imposing a walled garden by default is a sensible security measure while imposing a walled garden which cannot be opted out of is an overreach.

Metasyntactic wrote:

Kethinov wrote:

No, the vast majority of consumers don't care either way. There is no expressed preference for walled gardens.

Yes. There is. The market moved heavily toward walled gardens away from non-walled gardens. Users expressed (and continue to express) deep dissatisfaction with all the problems that come from the 'i can load anything' approach.

No, users expressed dissatisfaction with the lack of curation. There was no expressed preference for that curation being mandatory.

Metasyntactic wrote:

sid0 wrote:

Metasyntactic wrote:

Kethinov wrote:

And even if they were single purpose devices, like game consoles, that's still no justification to centrally restrict what apps are and are not allowed to run on my hardware.

Except for the reasons that are valuable. For example, curation.

Surely someone smart like you can figure out that curation and sideloading are completely compatible.

They're not. To be completely compatible, they would need to cost the same. One costs more.

Metasyntactic wrote:

You say 'easily'. But you handwave away the costs. It's not easy if it means doubling the cost of test of WinRT.

It's completely ridiculous to assert that permitting sideloading is cost prohibitive. Adding a buried setting which permits sideloading and comes with a warning would not double the cost of testing WinRT.

So... I want to play my Xbox version of Halo on a Galaxy S2. Why are Samsung and Google curtailing my freedom?

Nobody here is asking for that. MS has the freedom to port Halo to the Galaxy S2. Google and Samsung do not restrict that. Likewise, we want Apple and MS to lift restrictions which prevent Mozilla from offering Firefox on iOS and WinRT.

In this thread, we have a whole bunch of people failing to distinguish between things they do not like and things that are unethical. Thankfully, these misguided attempts to "open" iOS and WinRT via the courts/legislation are doomed to fail. One would hope though that these ideologues would stop coaxing their authoritarian fantasies in the language of "freedom".

One would hope though that these ideologues would stop coaxing their authoritarian fantasies in the language of "freedom".

So, were things like the "First Sale Doctrine" and requiring automobile manufacturers to permit third party replacement parts part of an "authoritarian" regime, then?

The newspeak here is entirely on your side of the ledger. Giving companies this kind of power over people (and, for that matter, other companies) is a strange way to talk about "freedom."

In any case, there's plenty of precedent for having a purchase of A being legally required to have nothing to do with purchasing B, C, D, E, and F from some other company. That's what's mainly on discussion here.

Why should my purchase of one good require me to work with that vendor on all subsequent purchases, be it an auto part or a bit of game software?

Thankfully, these misguided attempts to "open" iOS and WinRT via the courts/legislation are doomed to fail

As doomed to fail as jailbreaking being made legal? The EFF this time has requested that jailbreaking tablets and game consoles be made legal too. It's not a very big jump from there to what Kethinov suggests, though I'm personally not in favour of it.

In this thread, we have a whole bunch of people failing to distinguish between things they do not like and things that are unethical.

Um, what? I regard OS vendors centrally controlling what apps are permitted to run on my hardware as morally wrong. Most people don't like things they regard as morally wrong. What the hell are you on about?

Thankfully, these misguided attempts to "open" iOS and WinRT via the courts/legislation are doomed to fail

As doomed to fail as jailbreaking being made legal? The EFF this time has requested that jailbreaking tablets and game consoles be made legal too. It's not a very big jump from there to what Kethinov suggests, though I'm personally not in favour of it.

Why? Do you hate freedom? (Kidding. )

Seriously though, legally requiring a "permit me to sideload my apps" button on iOS and WinRT doesn't change the user experience one bit for those who benefit from the walled garden and greatly enhances the user experience for those who want to run banned apps. Why oppose this?

Yes it is. Now that you have the opt-out system you have to deal with any security fallout. If there is no opt out mechanism, then that's not an issue you need to deal with.

Puh-leeze.

If security risk were a valid justification then IE needs to use WinRT and nothing more. It is preposterous to say on the one hand "oh we need sandboxing and tight restrictions to ensure security" and then on the other "but IE, which is routinely exploited and a regular recipient of security fixes, can do whatever it likes".

This is untrue. MS is free to have different standards for itself than others. After all, it can still control the development of the code that it allows exceptions for. It cannot do that with others. They are not similar situations.

You're not general purpose because you cannot run a general purpose application. Your app must be specialized to run under the constraints that the platform now *enforces*. Indeed, that's the very thing that's being discussed. In the past you could always subvert the platform. You could literally run anything (even if that stuff, for example, mucked around with the kernel of the OS). Now you cannot. It's specifically *not general* because being general brought along too many problems.

If you were general purpose then Mozilla wouldn't have a frigging problem. But because it's a specialized platform, and their app doesn't fit into the specialized restrictions, then they are upset.

This is sophistry of the first order.

No it isn't. It's quite an important distinction.

Quote:

If I re-write an already approved app in Java or Perl, the new version won't any longer be accepted.

Yes it will. WinRT doesn't prevent you from running Java or Perl.

Quote:

There's nothing going on here but corporate self-interest in terms of what's in and what's out when it comes right down to it.

Except the reasons i mentioned, like security around 3rd party apps and not making them a larger threat vector for the platform.

Yeah. That's a great way to handle security, just assume that things won't be a problem in the future.

Ah I see. The old absence of evidence is not evidence of absence thing...

Uh. Yes. At one point in computing, buffer overruns weren't an issue because they hadn't been exploited. Would you have argued that people shouldn't patch buffer overruns? Same with XSS. Same with overflows. Same with all sorts of injection attacks. Etc. etc. etc.

Security gets tougher and tougher because the attacks get craftier and craftier. You don't make a secure platform by looking at what's been attacked in the past and trying to fix it. That approach just leads to the TSA. Security is an ongoing process and it includes looking at where threats may come from in the future and properly hardening your system against that sort of thing *proactively*.

You talk about irresponsible computing, and yet you say that people should ignore potential threats. To me that's the height of irresponsibility.

Quote:

Metasyntactic wrote:

Kethinov wrote:

No, the vast majority of consumers don't care either way. There is no expressed preference for walled gardens.

Yes. There is. The market moved heavily toward walled gardens away from non-walled gardens. Users expressed (and continue to express) deep dissatisfaction with all the problems that come from the 'i can load anything' approach.

No, users expressed dissatisfaction with the lack of curation. There was no expressed preference for that curation being mandatory.

Hence people wanted curation. And, as i mentioned, it's not the responsibility for a platform to cater to all wants. It has to balance how much it wants to spend and how much it wants to support, and how many threats it wants to deal with. Given that people preferred curation overwhelming to non-curation, it makes sense to just support that. Some people that want non-curation are left out. But so what? It's not an OS that intends to be useful to all users. That's an explicit, intentional, and acceptable choice for a platform maker to make.

Quote:

Metasyntactic wrote:

sid0 wrote:

Metasyntactic wrote:

Kethinov wrote:

And even if they were single purpose devices, like game consoles, that's still no justification to centrally restrict what apps are and are not allowed to run on my hardware.

Except for the reasons that are valuable. For example, curation.

Surely someone smart like you can figure out that curation and sideloading are completely compatible.

They're not. To be completely compatible, they would need to cost the same. One costs more.

Metasyntactic wrote:

You say 'easily'. But you handwave away the costs. It's not easy if it means doubling the cost of test of WinRT.

It's not your call to say what level of costs are acceptable for a company to make. If they say "we don't want to spend anything on this", then that's their call. You can't go "well... but it's small! So i insist that you do it!"

I'd like Windows to support Klingon out of the box. The cost to do so would be small (just hire a few native speakers). But so what? It's still a cost, and no one at MS would find the cost worth the benefit. The same happened with side loading. Deal with it. You don't get everything you want with an OS and you have no basis to claim that you deserve it.

Quote:

Adding a buried setting which permits sideloading and comes with a warning would not double the cost of testing WinRT.

It would increase the cost.

And it would increase teh cost *a lot*. For example, MS would now have to maintain things like Win32 on WindowsRT. And that means undoing a lot of the work that has been done internally to deprecate certain parts of the API or change them to be less functional but more power efficient. All APIs on WindowsRT would then have to be supported for 10+ years and that indeed has quite a high cost. Cost in direct maintenance. Cost in ensuring back compat breaks don't happen. Cost in documenting. Etc. etc. etc.

In this thread, we have a whole bunch of people failing to distinguish between things they do not like and things that are unethical.

Um, what? I regard OS vendors centrally controlling what apps are permitted to run on my hardware as morally wrong. Most people don't like things they regard as morally wrong. What the hell are you on about?

It's not immoral for a business to offer for sale a product which _you_ consider to be immoral. It is immoral for you to attempt to force your morals on others by making it illegal for a business to sell a particular type of product (in this case, walled garden hardware such as game consoles, iOS devices, or say, cars) just because _you_ find it immoral.

Think of it in terms of religion. Say you're orthodox and you believe it's immoral to drive on Saturdays. That's all well and good, more power to you. But if you then go out and barricade roads to try to prevent others from driving on Saturday, or threaten car dealerships to try to prevent them from selling cars on Saturday, then _you_ are being immoral.

Your attempt to shove your morals down other people's throats is itself immoral, from the point of view of a tolerant society.

In this thread, we have a whole bunch of people failing to distinguish between things they do not like and things that are unethical.

Um, what? I regard OS vendors centrally controlling what apps are permitted to run on my hardware as morally wrong. Most people don't like things they regard as morally wrong. What the hell are you on about?

It's not immoral for a business to offer for sale a product which _you_ consider to be immoral. It is immoral for you to attempt to force your morals on others by making it illegal for a business to sell a particular type of product (in this case, walled garden hardware such as game consoles, iOS devices, or say, cars) just because _you_ find it immoral.

Think of it in terms of religion. Say you're orthodox and you believe it's immoral to drive on Saturdays. That's all well and good, more power to you. But if you then go out and barricade roads to try to prevent others from driving on Saturday, or threaten car dealerships to try to prevent them from selling cars on Saturday, then _you_ are being immoral.

Your attempt to shove your morals down other people's throats is itself immoral, from the point of view of a tolerant society.

Agreed. Although up and to a certain point. For example, society sometimes adopts certain moral codes (often around civil rights). So, if society were to decide that FOSS software violated some basic civil rights, then they might not allow a company to use it (and vice versa). However, right now, society completely accepts that a non-monopoly platform vendor is completely in the right to not support every knob and button that every user wants.

I'd like Windows to support Klingon out of the box. The cost to do so would be small (just hire a few native speakers).

I'm going to pull his out of context becasue:

a) It would be friggen awesome and cause multiple nerdgasms all across the worldb) WindowsRT and 8 would be cool. Stuffy old iOS supports stuffy old languages but not Klingon!c) I can just hear the startup sound made in Ballmer's voice saying "boch ghlchraj"

I'd like Windows to support Klingon out of the box. The cost to do so would be small (just hire a few native speakers).

I'm going to pull his out of context becasue:

a) It would be friggen awesome and cause multiple nerdgasms all across the worldb) WindowsRT and 8 would be cool. Stuffy old iOS supports stuffy old languages but not Klingon!c) I can just hear the startup sound made in Ballmer's voice saying "boch ghlchraj"

Firefox *can* be offered in the same way I *can* run around naked on the streets but I *choose* not to.

No. You'll get arrested. It is not legal to run around naked in the streets. On teh other hand, you absolutely can run firefox on WindowsRT. There are just limitations. Just like there would limitations if Firefox wanted to break out of the sandbox and modify the kernel. Sorry, if you want to do that, you're not allowed. There are just off limit areas.

OK, better analogy: Firefox *can* be offered in the same way I *can* chop off my hands if I wanted but I *choose* not to.

We can keep making analogies all day, or you as a compiler person can recognize that while it's possible to ship something, it's impossible to ship a competitive browser without a JIT. No self-respecting entity will ever ship a browser in 2012 without a JIT. Stop being ridiculous.

OK, better analogy: Firefox *can* be offered in the same way I *can* chop off my hands if I wanted but I *choose* not to.

We can keep making analogies all day, or you as a compiler person can recognize that while it's possible to ship something, it's impossible to ship a competitive browser without a JIT. No self-respecting entity will ever ship a browser in 2012 without a JIT. Stop being ridiculous.

It can use a JIT if it wants. It just needs to be MS' jit. It's true that they can't use their own JIT. And maybe that irks some people. I'm sure it irks Semantic that they can't go in and muck with teh kernel. I'm sure it irks some 3rd parties that they can't go in and copy the data out from other applications. I'm sure it irks some 3rd parties that they can't read from your personal data without going through a broker that you approve. I'm not sure why i care. I don't believe software should be able to do what it wants. Indeed, i think that's been a problem with computing for decades.

... I'm sure it irks some 3rd parties that they can't read from your personal data without going through a broker that you approve. I'm not sure why i care. I don't believe software should be able to do what it wants. Indeed, i think that's been a problem with computing for decades.

I agree, but this seems quite the contrast with your views in the Google thread, where you seemed to be quite happy for G to grab any and all data (via search, Android, Gmail etc) without opt-in from the user.

I'd like Windows to support Klingon out of the box. The cost to do so would be small (just hire a few native speakers).

I'm going to pull his out of context becasue:

a) It would be friggen awesome and cause multiple nerdgasms all across the worldb) WindowsRT and 8 would be cool. Stuffy old iOS supports stuffy old languages but not Klingon!c) I can just hear the startup sound made in Ballmer's voice saying "boch ghlchraj"

One caveat, though, is that third-party apps that load webpages in a WebKit view still won't take advantage of Nitro's fast JIT execution. Again, security is the main concern.

"The reason I think Apple hasn't allowed dynamic code injection in third-party apps is that allowing dynamic code injection in third-party apps doesn't just allow Nitro to work, it allows any code injection mechanism to work," Graham Lee, iOS app security consultant, told Ars. "That's a dangerous proposition: especially if the generated code is created as a result of parsing untrusted input from an unknown provider on the Internet."

Such code injection is how security holes are exploited by malicious software to do Very Bad Things™, such as access your data without permission, or capture sensitive information like credit card numbers or bank account passwords.

But why would Apple let such dynamically generated code run within Safari itself, as well as Web.app processes, if that code could result in a security breach for users? The answer is likely that Apple controls all the code in Mobile Safari and Web.app, and it can ensure code injection doesn't get outside iOS's application sandboxes.

Oh look. The precise argument i was stating for why Windows is doing hte same thing as well. MS controls all the code for IE and is willing to grant it special privileges that it won't give 3rd party code that is entirely out of its control.

So you are retracting your claim that a third party application can use the Chakra JIT?

No. As i mentioned, a third party can use that JIT. I even specified how. I pointed out that on *iOS*, a 3rd party was given a limited JIT. I do not believe that that's the case on WindowsRT. I could be wrong, but i know of no limitations placed on you when using the appropriate control that IE itself doesn't have.

I said there were limitations that prevent a 3rd party from using *another* JIT. But you should be allowed to use the same JIT.

No. As i mentioned, a third party can use that JIT. I even specified how.

But as far as I can tell, the same reasoning that applies to disabling 3rd party JIT in iOS would also apply to WinRT. Why do you believe otherwise? Do you have any evidence to back up your claim? A JS benchmark test (V8 or Kraken, take your pick) showing similar results in IE and a trivial third party browser should be enough, at least for web content. The situation for content that needs to be run at higher-than-web privileges would still be unanswered.

Note: this was an "AFAICT". I personally dont' care one way or the other. If the JIT, when used by 3rd parties, is not as capable as it is when used by IE (i.e. the iOS model), then i have no problem with that. This is an area where you have to be extremely careful (after all, you don't want to r00t the device just because a user hit a web page). So it's ok to be paranoid and restrictive with it when it comes to 3rd parties.

I said there were limitations that prevent a 3rd party from using *another* JIT. But you should be allowed to use the same JIT.

I imagine that if JavaScript was brought into managed world and plugged into Roslyn it would make a kickass service for Win8. I dunno if FF would be able to leverage that though, AFAICT their "Metro" version is just dumb port+reskin, which is going to run crappy on ARM vs x86 JIT or no JIT.

Note: this was an "AFAICT". I personally dont' care one way or the other. If the JIT, when used by 3rd parties, is not as capable as it is when used by IE (i.e. the iOS model), then i have no problem with that. This is an area where you have to be extremely careful (after all, you don't want to r00t the device just because a user hit a web page). So it's ok to be paranoid and restrictive with it when it comes to 3rd parties.

They'll root it through fucking Internet Explorer.

Either JIT is too dangerous for everyone, or it's safe enough for everyone. There is no "safe enough for Microsoft, but too dangerous for everyone else".

I don't care what you say about Microsoft's internal controls and restrictions; Internet Explorer's track record is worse than Chrome's, so Google, at the very least, should be allowed access to JIT APIs.